Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
229401 4.3 警告 ventrian - Simple Gallery の gallery.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-1698 2012-12-20 18:52 2008-04-8 Show GitHub Exploit DB Packet Storm
229402 5 警告 seattle lab software - SLMail Pro の SLMail.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-1691 2012-12-20 18:52 2008-04-7 Show GitHub Exploit DB Packet Storm
229403 10 危険 seattle lab software - SLMail Pro の WebContainer.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-1690 2012-12-20 18:52 2008-04-7 Show GitHub Exploit DB Packet Storm
229404 5 警告 seattle lab software - SLMail Pro の WebContainer.exe におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2008-1689 2012-12-20 18:52 2008-04-7 Show GitHub Exploit DB Packet Storm
229405 7.5 危険 レッドハット - Red Hat Directory Server の正規表現ハンドラにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-1677 2012-12-20 18:52 2008-04-30 Show GitHub Exploit DB Packet Storm
229406 6.8 警告 savas place - Sava's Link Manager の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1653 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
229407 5 警告 Sympa - Sympa におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-1648 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
229408 7.5 危険 savas place - Sava's Link Manager の viewlinks.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-1644 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
229409 7.5 危険 savas place - Sava's GuestBook の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-1642 2012-12-20 18:52 2008-04-2 Show GitHub Exploit DB Packet Storm
229410 6.8 警告 PowerDNS - PowerDNS Recursor における DNS を偽装される脆弱性 CWE-189
数値処理の問題 		CVE-2008-1637 2012-12-20 18:52 2008-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 19, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2661 9.8 CRITICAL
Network 		gitpython_project gitpython GitPython is a python library used to interact with Git repositories. Prior to version 3.1.47, _clone() validates multi_options as the original list, then executes shlex.split(" ".join(multi_options)… CWE-88
Argument Injection 		CVE-2026-42284 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2662 - - - Saltcorn is an extensible, open source, no-code database application builder. Prior to versions 1.4.6, 1.5.6, and 1.6.0-beta.5, Saltcorn validates the post-login dest parameter with a string check th… CWE-601
Open Redirect 		CVE-2026-42259 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2663 9.8 CRITICAL
Network 		- - ChestnutCMS v1.5.10 has a SQL injection vulnerability. The content parameter of the cms_content tag can be manipulated in the admin backend and injected into a SQL query when the template is rendered. CWE-94
Code Injection 		CVE-2026-36458 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2664 - - - Uncontrolled Resource Consumption vulnerability in ericmj decimal allows unauthenticated remote Denial of Service. The decimal library does not bound the exponent on parsed input. Storing a decimal … CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-32686 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2665 9.8 CRITICAL
Network 		- - The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports bot… CWE-285
Improper Authorization 		CVE-2026-30496 2026-05-9 08:16 2026-05-7 Show GitHub Exploit DB Packet Storm
2666 8.8 HIGH
Adjacent 		- - The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes Android Debug Bridge (ADB) on TCP port 5555 over the network without requiring authentication. The device is con… CWE-285
Improper Authorization 		CVE-2026-30495 2026-05-9 08:16 2026-05-7 Show GitHub Exploit DB Packet Storm
2667 6.1 MEDIUM
Network 		- - Sidekiq-cron thru 2.3.1, an open-source scheduling add-on for Sidekiq, is vulnerable to a cross-site scripting (xss) vulnerability via crafted URL being rended from cron.erb. CWE-79
Cross-site Scripting 		CVE-2025-67202 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2668 9.8 CRITICAL
Network 		- - NPM package next-npm-version1.0.1 is vulnerable to Command injection. CWE-94
Code Injection 		CVE-2025-63706 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2669 9.8 CRITICAL
Network 		- - npm package parse-ini v1.0.6 is vulnerable to Prototype Pollution in index.js(). CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2025-63703 2026-05-9 08:16 2026-05-8 Show GitHub Exploit DB Packet Storm
2670 9.1 CRITICAL
Network 		- - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, the /user-setup/{hash} endpoint accepts a 60-character random invite_hash to set a new use… CWE-613
 Insufficient Session Expiration 		CVE-2026-41902 2026-05-9 07:16 2026-05-8 Show GitHub Exploit DB Packet Storm